#!/usr/bin/perl
-use strict;
use Modern::Perl;
use CGI;
use C4::Auth;
use C4::Koha;
-use C4::Members qw(changepassword Search);
use C4::Output;
use C4::Context;
-use C4::Passwordrecovery qw(SendPasswordRecoveryEmail ValidateBorrowernumber GetValidLinkInfo CompletePasswordRecovery);
+use Koha::Patron::Password::Recovery
+ qw(SendPasswordRecoveryEmail ValidateBorrowernumber GetValidLinkInfo CompletePasswordRecovery DeleteExpiredPasswordRecovery);
+use Koha::Patrons;
use Koha::AuthUtils qw(hash_password);
+use Koha::Patrons;
my $query = new CGI;
use HTML::Entities;
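Review bot: `use Koha::Patrons;` is added twice in this hunk, once directly after the `Koha::Patron::Password::Recovery` import and again after `use Koha::AuthUtils qw(hash_password);`. One of the two lines should be dropped. Removing `use strict;` is harmless here, because `use Modern::Perl;` already enables strict and warnings.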
my $errPassTooShort;
if ( $query->param('sendEmail') || $query->param('resendEmail') ) {
- my $protocol = $query->https() ? "https://" : "http://";
+
#try with the main email
- $email ||= ''; # avoid undef
+ $email ||= ''; # avoid undef
my $borrower;
- my $search_results;
+ my $search_results = [];
# Find the borrower by his userid or email
- if( $username ){
- $search_results = Search({ userid => $username });
+ if ($username) {
+ $search_results = [ Koha::Patrons->search( { userid => $username } ) ];
}
- elsif ( $email ){
- $search_results = Search({ '' => $email }, undef, undef, undef, ['emailpro', 'email', 'B_email']);
+ elsif ($email) {
+ $search_results = [ Koha::Patrons->search( { -or => { email => $email, emailpro => $email, B_email => $email } } ) ];
}
-
- if(scalar @$search_results > 1){ # Many matching borrowers
- $hasError = 1;
- $errTooManyEmailFound = 1;
+ if ( not $search_results || scalar @$search_results > 1 ) {
+ $hasError = 1;
+ $errNoBorrowerFound = 1;
}
- elsif( $borrower = shift @$search_results ){ # One matching borrower
- $username ||= $borrower->{'userid'};
- my @emails = ( $borrower->{'email'}, $borrower->{'emailpro'}, $borrower->{'B_email'} );
+ elsif ( $borrower = shift @$search_results ) { # One matching borrower
+ $username ||= $borrower->userid;
+ my @emails = ( $borrower->email, $borrower->emailpro, $borrower->B_email );
+
+ my $firstNonEmptyEmail = '';
+ foreach my $address ( @emails ) {
+ $firstNonEmptyEmail = $address if length $address;
+ last if $firstNonEmptyEmail;
+ }
+
# Is the given email one of the borrower's ?
- if( $email && !($email ~~ @emails) ){
- $hasError = 1;
- $errBadEmail = 1;
+ if ( $email && !( grep { $_ eq $email } @emails ) ) {
+ $hasError = 1;
+ $errNoBorrowerFound = 1;
}
- # If we dont have an email yet. Get one of the borrower's email or raise an error.
- # FIXME: That ugly shift-grep contraption.
- # $email = shift [ grep { length() } @emails ]
- # It's supposed to get a non-empty string from the @emails array. There's surely a simpler way
- elsif( !$email && !($email = shift [ grep { length() } @emails ]) ){
- $hasError = 1;
- $errNoBorrowerEmail = 1;
+
+# If we dont have an email yet. Get one of the borrower's email or raise an error.
+ elsif ( !$email && !( $email = $firstNonEmptyEmail ) ) {
+ $hasError = 1;
+ $errNoBorrowerEmail = 1;
}
- # Check if a password reset already issued for this borrower AND we are not asking for a new email
- elsif( ValidateBorrowernumber( $borrower->{'borrowernumber'} ) && !$query->param('resendEmail') ){
- $hasError = 1;
- $errAlreadyStartRecovery = 1;
+
+# Check if a password reset already issued for this borrower AND we are not asking for a new email
+ elsif ( not $query->param('resendEmail') ) {
+ if ( ValidateBorrowernumber( $borrower->borrowernumber ) ) {
+ $hasError = 1;
+ $errAlreadyStartRecovery = 1;
+ }
+ else {
+ DeleteExpiredPasswordRecovery( $borrower->borrowernumber );
+ }
}
}
- else{ # 0 matching borrower
+ else { # 0 matching borrower
$hasError = 1;
$errNoBorrowerFound = 1;
}
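Review bot: The new guard `if ( not $search_results || scalar @$search_results > 1 )` can never be true. `not` binds more loosely than `||`, and `$search_results` is always an array reference (it is initialised to `[]`), so the condition reduces to `not (true)`. When several patrons share the submitted e-mail address, control falls through to `shift @$search_results` and a recovery is started for whichever record the search returned first. Write the test as `if ( @$search_results > 1 ) {`; the zero-match case is already covered by the final `else`. Separately, `errAlreadyStartRecovery` and `errNoBorrowerEmail` are still set only for existing accounts, so if the template renders them differently from `errNoBorrowerFound` they remain an account-existence signal that the merged error flags otherwise remove.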
username => $username
);
}
- elsif ( SendPasswordRecoveryEmail( $borrower, $email, $protocol, $query->param('resendEmail') ) ) {#generate uuid and send recovery email
+ elsif ( SendPasswordRecoveryEmail( $borrower, $email, $query->param('resendEmail') ) ) { # generate uuid and send recovery email
$template->param(
mail_sent => 1,
email => $email
);
}
- else {# if it doesnt work....
+ else { # if it doesn't work....
$template->param(
password_recovery => 1,
sendmailError => 1
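Review bot: On the new `elsif` line, `$query->param('resendEmail')` is evaluated in list context inside the argument list of `SendPasswordRecoveryEmail`. A request that omits the parameter therefore passes two arguments, and one that repeats it passes four or more. Force a single value with `scalar $query->param('resendEmail')`. The callee is not visible in this hunk, so whether extra or missing positional arguments change its behaviour cannot be confirmed from here.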
}
elsif ( $query->param('passwordReset') ) {
( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
+
#validate password length & match
if ( ($borrower_number)
&& ( $password eq $repeatPassword )
&& ( length($password) >= $minPassLength ) )
- { #apply changes
- changepassword( $username, $borrower_number, hash_password($password) );
+ { #apply changes
+ Koha::Patrons->find($borrower_number)->update_password( $username, hash_password($password) );
CompletePasswordRecovery($uniqueKey);
$template->param(
password_reset_done => 1,
username => $username
);
}
- else { #errors
- if ( !$borrower_number ) { #parameters not valid
+ else { #errors
+ if ( !$borrower_number ) { #parameters not valid
$errLinkNotValid = 1;
}
- elsif ( $password ne $repeatPassword ) { #passwords does not match
+ elsif ( $password ne $repeatPassword ) { #passwords does not match
$errPassNotMatch = 1;
}
- elsif ( length($password) < $minPassLength ) { #password too short
+ elsif ( length($password) < $minPassLength ) { #password too short
$errPassTooShort = 1;
}
$template->param(
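Review bot: `Koha::Patrons->find($borrower_number)->update_password( ... )` calls a method on the result of `find` without checking it. If the patron record no longer exists when the link is used, `find` presumably returns undef and the script dies before `CompletePasswordRecovery($uniqueKey)` runs, leaving the recovery token unconsumed. Fetch the patron first with `my $patron = Koha::Patrons->find($borrower_number);` and treat a missing patron like an invalid link by setting `$errLinkNotValid = 1` instead of entering the success branch. The enclosing `elsif ( $query->param('passwordReset') )` block continues past the end of this hunk.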
);
}
}
-elsif ($uniqueKey) { #reset password form
- #check if the link is valid
+elsif ($uniqueKey) { #reset password form
+ #check if the link is valid
( $borrower_number, $username ) = GetValidLinkInfo($uniqueKey);
if ( !$borrower_number ) {
email => $email,
uniqueKey => $uniqueKey,
username => $username,
- errLinkNotValid => $errLinkNotValid
+ errLinkNotValid => $errLinkNotValid,
+ hasError => ( $errLinkNotValid ? 1 : 0 ),
);
}
-else { #password recovery form (to send email)
+else { #password recovery form (to send email)
$template->param( password_recovery => 1 );
}